openSUSE:Leap:42.3:Update
perl-YAML-LibYAML
CVE-2013-6393.patch
File CVE-2013-6393.patch of Package perl-YAML-LibYAML
diff -Naur a/LibYAML/api.c b/LibYAML/api.c
--- a/LibYAML/api.c 2009-08-30 21:50:47.000000000 +0200
+++ b/LibYAML/api.c 2014-03-07 17:33:59.345442851 +0100
@@ -117,7 +117,12 @@
 YAML_DECLARE(int) yaml_stack_extend(void **start, void **top, void **end) {
- void *new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
+ void *new_start;
+
+ if ((char *)*end - (char *)*start >= INT_MAX / 2)
+ return 0;
+
+ new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
 if (!new_start) return 0;
diff -Naur a/LibYAML/scanner.c b/LibYAML/scanner.c
--- a/LibYAML/scanner.c 2009-08-30 21:50:47.000000000 +0200
+++ b/LibYAML/scanner.c 2014-03-07 17:34:08.431442987 +0100
@@ -615,11 +615,11 @@
 */ static int
-yaml_parser_roll_indent(yaml_parser_t *parser, int column,
- int number, yaml_token_type_t type, yaml_mark_t mark);
+yaml_parser_roll_indent(yaml_parser_t *parser, ptrdiff_t column,
+ ptrdiff_t number, yaml_token_type_t type, yaml_mark_t mark);
 static int
-yaml_parser_unroll_indent(yaml_parser_t *parser, int column);
+yaml_parser_unroll_indent(yaml_parser_t *parser, ptrdiff_t column);
 /* * Token fetchers.
@@ -1103,7 +1103,7 @@
 */ int required = (!parser->flow_level
- && parser->indent == (int)parser->mark.column);
+ && parser->indent == (ptrdiff_t)parser->mark.column);
 /* * A simple key is required only when it is the first token in the current
@@ -1176,6 +1176,11 @@
 /* Increase the flow level. */
+ if (parser->flow_level == INT_MAX) {
+ parser->error = YAML_MEMORY_ERROR;
+ return 0;
+ }
+
 parser->flow_level++; return 1;
@@ -1206,8 +1211,8 @@
 */ static int
-yaml_parser_roll_indent(yaml_parser_t *parser, int column,
- int number, yaml_token_type_t type, yaml_mark_t mark)
+yaml_parser_roll_indent(yaml_parser_t *parser, ptrdiff_t column,
+ ptrdiff_t number, yaml_token_type_t type, yaml_mark_t mark)
 { yaml_token_t token;
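Review bot: The new guard in yaml_stack_extend (api.c, hunk at -117) has no comment saying why the limit is INT_MAX / 2. I would add `/* Refuse to double a stack of INT_MAX/2 bytes or more, so the doubled size stays below INT_MAX. */` above the `if`. The bare `return 0` is the same value the function already returns when yaml_realloc fails, so callers will treat the size limit as an allocation failure; the comment should say that this is intended. The function body continues past the end of the hunk.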
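Review bot: The `parser->flow_level == INT_MAX` check in the scanner.c hunk at -1176 reports a nesting limit as `YAML_MEMORY_ERROR` and records no problem text or mark, so an application sees an out-of-memory failure for what is really a limit on the input. The `column > INT_MAX` check added in the hunk at -1226 does the same. If the scanner has a helper that records a problem string and mark for scanner errors, using it at both places would make a rejected document diagnosable; none is visible in these hunks. At minimum, a comment such as `/* Nesting depth would overflow int; reject the document. */` above each check would state the intent. The enclosing function starts before the hunk.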
@@ -1226,6 +1231,11 @@
 if (!PUSH(parser, parser->indents, parser->indent)) return 0;
+ if (column > INT_MAX) {
+ parser->error = YAML_MEMORY_ERROR;
+ return 0;
+ }
+
 parser->indent = column; /* Create a token and insert it into the queue. */
@@ -1254,7 +1264,7 @@
 static int
-yaml_parser_unroll_indent(yaml_parser_t *parser, int column)
+yaml_parser_unroll_indent(yaml_parser_t *parser, ptrdiff_t column)
 { yaml_token_t token;
@@ -2574,7 +2584,7 @@
 /* Resize the string to include the head. */
- while (string.end - string.start <= (int)length) {
+ while ((size_t)(string.end - string.start) <= length) {
 if (!yaml_string_extend(&string.start, &string.pointer, &string.end)) { parser->error = YAML_MEMORY_ERROR; goto error;
diff -Naur a/LibYAML/yaml_private.h b/LibYAML/yaml_private.h
--- a/LibYAML/yaml_private.h 2009-08-30 21:50:47.000000000 +0200
+++ b/LibYAML/yaml_private.h 2014-03-07 17:34:04.399442926 +0100
@@ -7,6 +7,7 @@
 #include <assert.h>
 #include <limits.h>
+#include <stddef.h>
 /* * Memory management.
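Review bot: In yaml_parser_roll_indent (hunk at -1226) the `column > INT_MAX` check runs after `PUSH(parser, parser->indents, parser->indent)`, so on the error path the old indent has already been pushed while `parser->indent` keeps its old value. Moving the whole `if (column > INT_MAX) { ... }` block above the `PUSH` line would reject the value before any parser state changes. The following `parser->indent = column;` narrows a ptrdiff_t, presumably into an int field; writing `parser->indent = (int)column;` makes the narrowing explicit now that the range has been checked. The function starts and ends outside this hunk.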
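Review bot: The loop in the hunk at -2574 still grows the buffer through `yaml_string_extend`, and this patch gives that function no size bound of the kind it adds to yaml_stack_extend in api.c. Its body is not visible here; if it doubles the allocation the same way, it wants the same check before the realloc, for example `if (*end - *start >= INT_MAX / 2) return 0;`. The new `(size_t)` cast on `string.end - string.start` assumes the end pointer is never below the start pointer, which deserves a short comment on the `while` line. The enclosing function starts and ends outside the hunk.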